<?php
include("include/config.inc.php");
if(!isset($_SESSION['s_activIds']))
{
	header("Location:checkLogin.php");
}
else
{
  $msg = "";
  if(isset($_POST['oldPassword']))
  {
    $selectQuery = "SELECT userId,password
                      FROM user
                     WHERE userId = ".$_SESSION['s_activIds']."
                       AND password = '".($_POST['oldPassword'])."'";
    $selectQueryResult = mysql_query($selectQuery);
    if($afectedAny = mysql_fetch_array($selectQueryResult))
    {
      $afectedAny['password'];
      if($afectedAny['password'] == ($_POST['oldPassword']))
      {
        $updateQuery = "UPDATE user
                           SET password = '".($_POST['newPassword'])."'
                         WHERE userId = ".$_SESSION['s_activIds']."
                           AND password = '".($_POST['oldPassword'])."'";
        mysql_query($updateQuery);
        header("Location:./index.php");
      } 
      else
        $msg = "Password Not Change";
    }
  }  
  include("./bottom.php");
  $smarty->assign("msg",$msg);
  $smarty->display("changePwd.tpl");
}
?>